Internal Audit clarification - How to perform the audits

jfriess

Involved In Discussions
#1
I have recently received my pre-request for information for my upcoming transition audit. I am confused by one of the requests. They asked for internal audit results to support every new/changed/ modified clause (which is list on the their form).
We do our "system" audit by auditing each of our main processes (7). We follow a format that looks at many different aspects of the standard are being followed during each process. Ex: inputs, output, training, documentation, corrective action, improvement...

We do not perform our audits in a checklist format ensuring that every single clause of the standard is verified each time.

Am I misunderstanding how to perform the audits or misinterpreting what they are looking for?

Any advice would be appreciated.
 
Elsmar Forum Sponsor
#2
I have recently received my pre-request for information for my upcoming transition audit. I am confused by one of the requests. They asked for internal audit results to support every new/changed/ modified clause (which is list on the their form).
We do our "system" audit by auditing each of our main processes (7). We follow a format that looks at many different aspects of the standard are being followed during each process. Ex: inputs, output, training, documentation, corrective action, improvement...

We do not perform our audits in a checklist format ensuring that every single clause of the standard is verified each time.

Am I misunderstanding how to perform the audits or misinterpreting what they are looking for?

Any advice would be appreciated.
Depending on your specific CB/Registrar, they have an underlying objective: They don't want to find a major when they audit. With the 2015 requirements, there are new/changed (modified = changed) requirements which they want YOU to audit to avoid them finding majors.

From what you have described, you may - just for this event - have to adjust your approach (which you should be doing anyways) to address the new/changed.
 

jfriess

Involved In Discussions
#3
That makes sense to avoid Majors. I just thought by performing the Gap Analysis that we did when upgrading, we were checking everything. But it does make sense to double check (which we have just not documented in the audits)

And just to clarify, are you saying we should be doing a checklist approach every internal (system) audit or we should be continuously changing our approach?? This has never been our strongest area and i am just looking for advice on how to strengthen it... We are a small company (50 employees), so we only have 2 auditors.
 
#4
That makes sense to avoid Majors. I just thought by performing the Gap Analysis that we did when upgrading, we were checking everything. But it does make sense to double check (which we have just not documented in the audits)

And just to clarify, are you saying we should be doing a checklist approach every internal (system) audit or we should be continuously changing our approach?? This has never been our strongest area and i am just looking for advice on how to strengthen it... We are a small company (50 employees), so we only have 2 auditors.
For the most part, a gap analysis is simply an administrative look at the requirements and asking "do we do this?"

What the CB/Registrar wants you to do is audit whatever you implemented as a result of closing the "gaps".

I'm not always certain what people mean by "checklists" since they can vary wildly. If the auditor prepares a "shopping list" of things they want to audit, that's the most effective, in my estimation.. The approach will be different, since the "scope" and "criteria" for each audit will necessitate a different shopping list... Does that make sense?
 

Kronos147

Trusted Information Resource
#6
...We do our "system" audit by auditing each of our main processes (7). We follow a format that looks at many different aspects of the standard are being followed during each process. Ex: inputs, output, training, documentation, corrective action, improvement...
Excellent!

Do you have any document that ties in what requirements apply to those 7 processes? Does it say in the manual, perhaps, that you address 8.2 requirements for products\services with your contract review process?

When the internal auditor did the audit, did they know about the document and how they needed to look to ensure those requirements were being met when they assessed the process?
 
Thread starter Similar threads Forum Replies Date
B Internal audit checklist Internal Auditing 5
V Internal Audit Software IATF 16949 - Automotive Quality Systems Standard 5
J Internal Audit Schedule IATF Internal Auditing 3
C ISO 14001 Internal Audit - Opportunity for Improvement ISO 14001:2015 Specific Discussions 2
P Does FDA require certification for quality system internal audit for auditor? Qualification and Validation (including 21 CFR Part 11) 1
P Looking to outsource Internal Audit - MDSAP competent auditor needed Other Medical Device Regulations World-Wide 9
J Outsourced Internal Audit requirements for Aerospace Suppliers AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 21
D Number of people to be interviewed during an internal audit? Internal Auditing 10
Q Easy CARs for Internal Audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 14
A Internal audit plan and processes for ISO 14001:2015 ISO 14001:2015 Specific Discussions 3
C API Q1 internal audit report Internal Auditing 3
P Filled in F48/F49 for internal audit ISO 17025:2017 Internal Auditing 2
J Internal audit random sampling methodology Internal Auditing 2
G Organizing internal audit program for an Integrated QHSE Management System Internal Auditing 13
W How do you phrase your internal audit questions? Internal Auditing 3
M IATF - Internal Audit 3 year span Internal Auditing 4
Q ISO 9001-2015 Internal audit finding Internal Auditing 14
lanley liao How to understand this words that the planning of internal audit shall take into consideration the results of previous audits? Oil and Gas Industry Standards and Regulations 10
A Add MDSAP to Internal Audit Schedule Medical Device Related Regulations 0
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
S IATF 16949 Internal Audit Example IATF 16949 - Automotive Quality Systems Standard 18
R AS9100D internal audit checklist or ISO 9001 2015 to AS9100 D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
M ISO 13485:2016 internal audit checklist Medical Device and FDA Regulations and Standards News 8
A Internal Audit Questions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
salaheddine96 Internal audit planning Internal Auditing 2
M ISO 9001 Major Nonconformance Internal Audit Schedule/COVID-19 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
E MDR internal audit Internal Auditing 1
U Internal Auditor not trained but done Audit for some process Nonconformance and Corrective Action 5
B Looking for 10 Internal Audit Online Training Participants ISO 17025 related Discussions 2
H AS9100 Checklist for Internal Audit needed AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
A What are the pros and cons of using an audit software for internal auditing? General Auditing Discussions 7
F Internal Audit before Pre-Assessment ISO 17025 related Discussions 2
Q Internal audit plan template Internal Auditing 12
L Internal audit during COVID-19 restrictions ISO 13485:2016 - Medical Device Quality Management Systems 5
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
B Using Unreleased Documents & Process Maps for Internal Audit purposes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
N Small Company - Internal audit process - Who does the audit? Internal Auditing 16
J Does anyone have an excel IATF 16949 Internal Audit checklist I could use? IATF 16949 - Automotive Quality Systems Standard 7
G Addressing Non-Conformances from an Internal Audit that are not product related ISO 13485:2016 - Medical Device Quality Management Systems 11
S Internal audit discrepancy - We missed a few audits that were scheduled Internal Auditing 12
Raffy ISO 14001 9.2.2 Internal Audit Programme Content Internal Auditing 10
N Internal Audit Schedule – Who gets to set the schedule? Internal Auditing 16
V IATF 16949 9.2.2.1 Internal Audit Program - "Process Changes" IATF 16949 - Automotive Quality Systems Standard 11
G Non Conformance During ISO 9001 Audit - Not All Internal Audits Completed General Auditing Discussions 19
B Using external FDA and ISO 13485 audit as internal audit Internal Auditing 6
T Internal Audit Schedule when Hiring Out Internal Auditing 7
D ISO 9001:2015 Internal Audit Training Advice Internal Auditing 10
M Internal audit consultant ISO 13485 (English speaker) Consultants and Consulting 3
S Implementing a 45001 Health & Safety standard - Internal audit plan wanted Internal Auditing 1
F Internal Audit - Procedure example Internal Auditing 5

Similar threads

Top Bottom